Brocade Virtual ADX Administration Guide (Supporting ADX v03.1.00) User Manual

Page 105

Advertising
background image

Brocade Virtual ADX Administration Guide

93

53-1003249-01

Configuring RADIUS security

2

The commands above cause RADIUS to be the primary authentication method for securing Telnet
access to the CLI. If RADIUS authentication fails due to an error with the server, local authentication
is used instead.

To create an authentication-method list that specifies RADIUS as the primary authentication
method for securing access to Privileged EXEC level and CONFIG levels of the CLI, enter the
following command.

Virtual ADX(config)#aaa authentication enable default radius local none

The command above causes RADIUS to be the primary authentication method for securing access
to Privileged EXEC level and CONFIG levels of the CLI. If RADIUS authentication fails due to an error
with the server, local authentication is used instead. If local authentication fails, no authentication
is used; the device automatically permits access.

Syntax: [no] aaa authentication enable | login default method1 [method2] [method3] [method4]

[method5] [method6] [method7]

The web-server | enable | login parameter specifies the type of access this authentication-method
list controls. You can configure one authentication-method list for each type of access.

NOTE

If you configure authentication for Web management access, authentication is performed each time
a page is requested from the server. When frames are enabled on the Web Management Interface,
the browser sends an HTTP request for each frame. The Brocade Virtual ADX authenticates each
HTTP request from the browser. To limit authentications to one per page, disable frames on the Web
Management Interface.

The method1 variable specifies the primary authentication method. The remaining optional
method variables specify additional methods to try if an error occurs with the primary method. A
method can be one of the values listed in the Method column in the following table.

TABLE 12

Authentication method values

Method

Description

line

Authenticate using the password you configured for Telnet access. The
Telnet password is configured using the enable telnet password…
command. Refer to

“Setting a Telnet password”

on page 62.

enable

Authenticate using the password you configured for the Super User
privilege level. This password is configured using the enable
super-user-password… command. Refer to

“Setting passwords for

management privilege levels”

on page 63.

local

Authenticate using a local user name and password you configured on the
device. Local user names and passwords are configured using the
username… command. Refer to

“Configuring a local user account”

on

page 68.

tacacs

Authenticate using the database on a TACACS server. You also must
identify the server to the device using the tacacs-server command.

tacacs+

Authenticate using the database on a TACACS+ server. You also must
identify the server to the device using the tacacs-server command.

radius

Authenticate using the database on a RADIUS server. You also must
identify the server to the device using the radius-server command.

none

Do not use any authentication method. The device automatically permits
access.

Advertising
Popular Brands
Popular manuals